CVE-2014-9748

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2014-9748

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2014-9748.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2014-9748

Downstream

DEBIAN-CVE-2014-9748

UBUNTU-CVE-2014-9748

Withdrawn

2026-01-27T04:13:36.905262Z

Published

2020-02-11T17:15:11Z

Modified

2026-01-27T04:13:36.905262Z

Severity

8.1 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator

Summary

[none]

Details

The uvrwlockt fallback implementation for Windows XP and Server 2003 in libuv before 1.7.4 does not properly prevent threads from releasing the locks of other threads, which allows attackers to cause a denial of service (deadlock) or possibly have unspecified other impact by leveraging a race condition.

References

https://github.com/libuv/libuv/issues/515
https://github.com/libuv/libuv/pull/516
https://github.com/nodejs/node/pull/2723
https://groups.google.com/forum/#%21msg/libuv/KyNnGEXR0OA/NWb605ev2LUJ
https://groups.google.com/forum/#%21topic/libuv/WO2cl9zasN8

CVE-2014-9748

Affected packages